| Message ID | ba92472ebfa6fad1a0ca73327093afaa9e30374b.1650591341.git.paul.eggleton@linux.microsoft.com |
|---|---|
| State | New |
| Headers | show |
| Series | [1/9] migration-3.4: add missing entry on EXTRA_USERS_PARAMS | expand |
Hi Paul, On 4/22/22 03:40, Paul Eggleton wrote: > We missed noting this in 3.4 but I noticed the documentation was > recently updated, so note the removal. > > Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com> > --- > documentation/migration-guides/migration-3.4.rst | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst > index 139b2bf..dead6bc 100644 > --- a/documentation/migration-guides/migration-3.4.rst > +++ b/documentation/migration-guides/migration-3.4.rst > @@ -265,6 +265,13 @@ Miscellaneous > built-in override support in the fetcher or overrides in general > instead. > > +- The ``-P`` (``--clear-password``) option can no longer be used with > + ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`. > + It was being implemented using a custom patch to the ``shadow`` recipe > + which clashed with a ``-P`` option that was added upstream in > + ``shadow`` version 4.9, and in any case is fundamentally insecure. > + Nice catch! I would say that only hashed passwords are supported now and point to the extrausers.bbclass doc here: https://docs.yoctoproject.org/ref-manual/classes.html#extrausers-bbclass which explains how to do it? and maybe we should mention this in the EXTRA_USERS_PARAMS actually in addition to where it currently is located (extrausers.bbclass). Cheers, Quentin
On Fri, 2022-04-22 at 12:30 +0200, Quentin Schulz wrote: > Hi Paul, > > On 4/22/22 03:40, Paul Eggleton wrote: > > We missed noting this in 3.4 but I noticed the documentation was > > recently updated, so note the removal. > > > > Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com> > > --- > > documentation/migration-guides/migration-3.4.rst | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst > > index 139b2bf..dead6bc 100644 > > --- a/documentation/migration-guides/migration-3.4.rst > > +++ b/documentation/migration-guides/migration-3.4.rst > > @@ -265,6 +265,13 @@ Miscellaneous > > built-in override support in the fetcher or overrides in general > > instead. > > > > +- The ``-P`` (``--clear-password``) option can no longer be used with > > + ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`. > > + It was being implemented using a custom patch to the ``shadow`` recipe > > + which clashed with a ``-P`` option that was added upstream in > > + ``shadow`` version 4.9, and in any case is fundamentally insecure. > > + > > Nice catch! > > I would say that only hashed passwords are supported now and point to > the extrausers.bbclass doc here: > https://docs.yoctoproject.org/ref-manual/classes.html#extrausers-bbclass > which explains how to do it? > > and maybe we should mention this in the EXTRA_USERS_PARAMS actually in > addition to where it currently is located (extrausers.bbclass). Can I tempt you to send a follow up patch against master-next please? :) Cheers, Richard
diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst index 139b2bf..dead6bc 100644 --- a/documentation/migration-guides/migration-3.4.rst +++ b/documentation/migration-guides/migration-3.4.rst @@ -265,6 +265,13 @@ Miscellaneous built-in override support in the fetcher or overrides in general instead. +- The ``-P`` (``--clear-password``) option can no longer be used with + ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`. + It was being implemented using a custom patch to the ``shadow`` recipe + which clashed with a ``-P`` option that was added upstream in + ``shadow`` version 4.9, and in any case is fundamentally insecure. + + .. include:: release-notes-3.4.rst .. include:: release-notes-3.4.1.rst .. include:: release-notes-3.4.2.rst